Home CVE Database CVE-2015-5330

CVE-2015-5330

Description

ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles string lengths, which allows remote attackers to obtain sensitive information from daemon heap memory by sending crafted packets and then reading (1) an error message or (2) a database value.

Priority: Medium
CVSS v3: 7.5
Publish Date: Dec 29, 2015
Related ID: --
CVSS v2: High
Modified Date: Dec 30, 2015

Find out more about CVE-2015-5330 from the MITRE-CVE dictionary and NIST NVD


Products Affected

Login may be required to access defects or downloads.

Related Products

Product Name Status Defect Fixed Downloads
Linux 7 SCP Not Vulnerable -- -- --
Linux 7 CGP Not Vulnerable -- -- --

Comments

samba

Live chat
Online